John Oliver wrote: > On Thu, Jul 10, 2008 at 01:40:25PM -0600, Rich Megginson wrote: > >> John Oliver wrote: >> >>> One of the projects on my plate is to have a working backup of an >>> existing fedora-ds server. I installed fedora-ds under CentOS 5.2 and >>> copied over the files that result from ns-slapd db2archive from the >>> existing server to the new machine. >>> >>> First off, I know nothing about LDAP or fedora-ds in particular :-) >>> >>> After looking at the existing server and what I had after installing on >>> the new server, I decided that running /usr/sbin/setup-ds-admin.pl was >>> probably necessary. I went through, answering the questions as best I >>> could (and figuring that the answers would be overwritten when I >>> restored the backup). I got this: >>> >>> [08/07/10:10:18:52] - [Setup] Info Are you ready to set up your servers? >>> [08/07/10:10:18:56] - [Setup] Info yes >>> [08/07/10:10:18:56] - [Setup] Info Creating directory server . . . >>> [08/07/10:10:18:59] - [Setup] Info Your new DS instance 'unix-services2' >>> was suc >>> cessfully created. >>> [08/07/10:10:18:59] - [Setup] Info Creating the configuration directory >>> server . >>> . . >>> [08/07/10:10:22:08] - [Setup] Fatal Error: failed to open an LDAP >>> connection to >>> host 'unix-services2.my.domain.com.com' port '389' as user >>> 'cn=Directory Ma >>> nager'. Error: unknown. >>> [08/07/10:10:22:08] - [Setup] Fatal Failed to create the configuration >>> directory >>> server >>> [08/07/10:10:22:08] - [Setup] Fatal Exiting . . . >>> Log file is '/tmp/setupVSpvCl.log >>> >>> >>> Yes, that's two ".com"s No idea why. >>> >>> >> Check /etc/hosts, /etc/nsswitch.conf, and /etc/resolv.conf, and check >> that against what you typed in as your hostname and what DNS resolves it to. >> > > All are correct. /etc/hosts has the correct FQDN as well as hostname. > /etc/resolv.conf is pointed to two working DNS servers. And > /etc/nsswitch.conf has "hosts: files dns" > > Is there a way to tell it to remove the problematic stuff and try to set > up again? > When you run setup-ds-admin.pl, and it asks you for the hostname, does it have the correct hostname or the bogus one? If you specify the correct hostname at the dialog prompt, it will use the correct one throughout. > >>> So, I stop the dirsrv process and try: >>> >>> [root at localhost ~]# ns-slapd archive2db -D >>> /etc/dirsrv/slapd-unix-services2 -a >>> /var/lib/dirsrv/slapd-unix-services2/in >>> [10/Jul/2008:11:05:39 -0700] - ERROR: target server has no NetscapeRoot >>> configured >>> [10/Jul/2008:11:05:39 -0700] - archive2db: Failed to read backup file >>> set. Either the directory specified doesn't exist, or it exists but >>> doesn't contain a valid backup set, or file permissions prevent the >>> server reading the backup set. error=53 (Invalid request descriptor) >>> >>> >> Don't use ns-slapd archive2db directly - use the scripts in >> /usr/lib/dirsrv/slapd-instance (db2bak, bak2db, etc.) instead. >> > > [root at unix-services2 ~]# /usr/lib/dirsrv/slapd-unix-services2/bak2db > /var/lib/dirsrv/slapd-unix-services2/in/ > [10/Jul/2008:14:56:40 -0700] - ERROR: target server has no NetscapeRoot > configured > [10/Jul/2008:14:56:40 -0700] - archive2db: Failed to read backup file > set. Either the directory specified doesn't exist, or it exists but > doesn't contain a valid backup set, or file permissions prevent the > server reading the backup set. error=53 (Invalid request descriptor) > [root at unix-services2 ~]# ls /var/lib/dirsrv/slapd-unix-services2/in/ > DBVERSION dse_instance.ldif NetscapeRoot > dse_index.ldif log.0000000076 userRoot The backup was created in a server with both userRoot and NetscapeRoot, but you are attempting to restore it in a server that does not have NetscapeRoot. You need to create a root suffix called o=NetscapeRoot with an associated database called NetscapeRoot. You can do this in the console. *http://tinyurl.com/595tyy* If you don't want NetscapeRoot at all, you could try exporting your old database to LDIF using db2ldif or db2ldif.pl, to get just the userRoot part (i.e. the suffix that you keep your real user&group data in). -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20080710/1c4c47da/attachment.bin